Secunia Research has discovered a vulnerability in TaskFreak, which
can be exploited by malicious people to conduct cross-site scripting
attacks.

Input passed to the "tznMessage" parameter in logout.php is not
properly sanitised before being returned to the user. This can be
exploited to execute arbitrary HTML and script code in a user's
browser session in context of an affected site.